Small businesses are a big target for cyber-attacks. A recent article on Forbes.com cites the Verizon Data Breach Investigations Report 2019, which states over 40% of world-wide attacks are targeted at small businesses.
Here are some the most common forms of cyber-attacks:
- Phishing is an attempt to obtain sensitive info such as passwords and usernames. The attempt is usually made by email or messaging. The message can contain malware or ransomware.
- Malware is software made to damage a computer, server or network.
- Ransomware is software which blocks computer access until money is paid.
- Computer virus. Software which infects computers by inserting itself into computer files and then spreading.
Here are some steps you can take to help protect your small business:
- Identify the threat with risk assessments on data you consider critical and that would be vulnerable with a value to someone else. Consider what would be the consequences of an attack.
- Also consider how you store information and who can access it. Your employees should only be able to access what they need to do their job.
- Training should be given to employees in internet safety. They should be aware of phishing emails as well as the dangers of using unsecure Wi-Fi connections if they work remotely.
- Make sure you anti-virus software and ensure your firewall is up to date.
- Ensure you perform regular back-ups and keep them in a separate location.
- Implement a two-factor authentication for remote workers and for when you are required to share personal information. This additional authentication step requires such things as a security questions or a text message asking for a passcode rather than just a username and password.
This post is a starting guide for steps to take. For more information visit https://www.ncsc.gov.uk/collection/small-business-guide.